Posts Tagged ‘data loss prevention’
In November 2009, the Information Commissioners Office (ICO) revealed that a large number of T-Mobile customer data had been stolen and sold to a third party company by an employee of the company. The revelation came as a result of a campaign by the ICO to introduce tougher punishment for data thieves.
T-Mobile, a part of Deutsche Telekom AG, confessed that the details had been sold and stated that they were working with the ICO to not only find the culprit but to wipe out a common problem for all mobile phone companies.
Rival companies had bought and used the information to call customers that were nearing the end of their current contract and would offer them a new one with a new network.
Now, 9 months on, former T-Mobile employee David Turley will be prosecuted after confessing to the crime. Turley admitted to selling the data at Chester Crown Court in July and faces 18 charges under Section 55 of the Data Protection Act.
These charges come on the tail of increased penalties for Data Theft. Before April this year, the maximum penalty for data theft in the UK was a fine of £5000. Now, new legislation has now enabled the ICO to charge companies fines of up to £500,000.
A second former employee, Darren Hames, will submit his plea regarding his role in the theft later this year.
Many companies are already taking precautions to deal with the ‘Insider Threat’ regarding Data Loss Prevention and are adding such tools and technologies such as cryptography and Secure Erasure to ensure that data is accessed only by those with authorisation and destroyed when no longer required.
Anusree Saha, Channel Marketing Manager of Data Destruction company, Shred Easy Ltd explains that, “the fact that the employees have now been charged and the introduction of new powers for the ICO, in April, shows that data theft is an increasing problem that requires harsher penalties.”
“Confidential information is constantly made accessible to would-be thieves and it is encouraging to see the increased severity of the punishments.”
The whole subject of Data Privacy has grown over recent years and has even seen the establishment of an International Association of Privacy Professional (IAPP) with membership spanning the globe.
COURTESY OF DIGITAL FORENSICS MAGAZINE: http://digitalforensicsmagazine.com/